[Yeti DNS Discuss] Authoritative for ARPA? (was: Strange BIND resolver behaviour (may be not Yeti-specific))
Shane Kerr
shane at biigroup.cn
Wed Jul 15 07:58:42 UTC 2015
All,
While I was looking at Stephane's discovery du jour, I noticed that some
Yeti servers are authoritative for arpa:
$ dig +noall +auth @2a02:2810:0:405::250 -t ds 204.in-addr.arpa. +norecurse
arpa. 172800 IN NS ns2.ipv6.ernet.in.
arpa. 172800 IN NS yeti-ns.wide.ad.jp.
arpa. 172800 IN NS bii.dns-lab.net.
arpa. 172800 IN NS ns-yeti.bondis.org.
arpa. 172800 IN NS yeti-ns.tisf.net.
arpa. 172800 IN NS dahu1.yeti.eu.org.
arpa. 172800 IN NS yeti-ns.ix.ru.
arpa. 172800 IN NS yeti-ns.as59715.net.
Some of the other servers do not seem to be:
$ dig +noall +auth @240c:f:1:22::6 -t ds 204.in-addr.arpa. +norecurse
in-addr.arpa. 172800 IN NS e.in-addr-servers.arpa.
in-addr.arpa. 172800 IN NS a.in-addr-servers.arpa.
in-addr.arpa. 172800 IN NS d.in-addr-servers.arpa.
in-addr.arpa. 172800 IN NS c.in-addr-servers.arpa.
in-addr.arpa. 172800 IN NS f.in-addr-servers.arpa.
in-addr.arpa. 172800 IN NS b.in-addr-servers.arpa.
Currently dahu1.yeti.eu.org, ns2.ipv6.ernet.in, and ns-yeti.bondis.org
answer ARPA, other servers do not.
My understanding is that the Yeti root servers are supposed to be
authoritative only for the root zone. Clearly there is confusion here.
So, I think that we have three tasks:
1. Decide what zones Yeti root servers should be authoritative for, and
2. Fix the documentation and configurations to implement this, and
3. Fix the existing servers to match this.
Cheers,
--
Shane
More information about the discuss
mailing list